The present invention relates to computer information systems and, more particularly, to security.
With continued proliferation of the Internet, and the expanding use of web applications, website security is an ongoing concern; unscrupulous users sometimes initiate cyber-attacks against websites with the intent to undermine or compromise the function of computer-based systems. Examples of such cyber-attacks include cross-site scripting (XSS) attacks, SQL injection, remote file inclusion, code injection, file system attacks, and command executions. To validate the security of web applications, application developers oftentimes perform a static analysis on the computer program code of the web applications to identify potential security vulnerabilities, and then implement changes to the computer program code to address such vulnerabilities.
One form of static analysis is known as taint analysis. A taint analysis searches for paths leading from statements that read user-provided data, which are known as sources, to statements that perform security-sensitive operations, which are known as sinks. When a path is discovered that does not go through a downgrading operation (e.g., sanitization or validation), then that path may represent a security vulnerability.
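As an added illustration (not part of the patent text), the source-to-sink search described above can be carried out as a forward taint propagation over a constructed straight-line program; the source, sink and sanitizer names below are hypothetical.

```python
from dataclasses import dataclass
from typing import Optional, Tuple, List

# Hypothetical call names for this constructed example.
SOURCES = {"request.param"}                 # statements reading user-provided data
SINKS = {"db.query", "html.write"}          # security-sensitive operations
SANITIZERS = {"escape_html", "sql_escape"}  # downgrading operations


@dataclass
class Stmt:
    line: int
    dst: Optional[str]      # variable written (None for a sink call)
    call: Optional[str]     # function invoked (None for a plain assignment)
    args: Tuple[str, ...]   # variables read


def analyze(program: List[Stmt]):
    """Return (sink, path) pairs for every flow from a source to a sink
    that passes through no sanitizer. A path is the list of line numbers."""
    taint = {}      # variable -> line numbers on the path from its source
    findings = []
    for s in program:
        if s.call in SOURCES:
            taint[s.dst] = [s.line]            # fresh taint enters here
            continue
        inflow = [taint[a] for a in s.args if a in taint]
        if s.call in SANITIZERS:
            taint.pop(s.dst, None)             # downgraded: result is clean
        elif s.call in SINKS:
            for path in inflow:                # tainted data reaches a sink
                findings.append((s.call, path + [s.line]))
        elif inflow:
            taint[s.dst] = inflow[0] + [s.line]  # taint propagates to dst
        else:
            taint.pop(s.dst, None)             # overwritten with clean data
    return findings


# Constructed sample program: one unsanitized SQL sink, one sanitized and one
# unsanitized HTML sink.
PROGRAM = [
    Stmt(1, "name", "request.param", ("req",)),
    Stmt(2, "q", "concat", ("prefix", "name")),
    Stmt(3, None, "db.query", ("q",)),
    Stmt(4, "safe", "escape_html", ("name",)),
    Stmt(5, None, "html.write", ("safe",)),
    Stmt(6, None, "html.write", ("name",)),
]


def run_example():
    return analyze(PROGRAM)  # -> [('db.query', [1, 2, 3]), ('html.write', [1, 6])]
```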